CN103457732B - Private key generating means and method - Google Patents

Private key generating means and method Download PDF

Info

Publication number
CN103457732B
CN103457732B CN201310211020.9A CN201310211020A CN103457732B CN 103457732 B CN103457732 B CN 103457732B CN 201310211020 A CN201310211020 A CN 201310211020A CN 103457732 B CN103457732 B CN 103457732B
Authority
CN
China
Prior art keywords
private key
sub
generation unit
user
root
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310211020.9A
Other languages
Chinese (zh)
Other versions
CN103457732A (en
Inventor
尹爻珍
千丁熙
孙正勋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Seoul National University Industry Foundation
Samsung SDS Co Ltd
Original Assignee
Seoul National University Industry Foundation
Samsung SDS Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Seoul National University Industry Foundation, Samsung SDS Co Ltd filed Critical Seoul National University Industry Foundation
Publication of CN103457732A publication Critical patent/CN103457732A/en
Application granted granted Critical
Publication of CN103457732B publication Critical patent/CN103457732B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The open a kind of private key generating means of the present invention and method.Root private key signal generating unit can generate the root major key of private key and predefined parameter generates the first sub-major key collection of the private key that can generate in predetermined limited quantity by setting.Sub-private key generation unit by sharing the authority generating private key from the sub-major key collection of root private key signal generating unit reception first with root private key signal generating unit, and is distributed to user by utilizing the first sub-major key collection to generate corresponding to the private key of ID.The ID that root private key signal generating unit receives the ID of sub-private key generation unit antithetical phrase private key generation unit from sub-private key generation unit is authenticated, and for sub-private key generation unit certification by the case of the first sub-major key collection is sent to sub-private key generation unit.The present invention can realize lightweight and the high efficiency of private key generation of client by realizing the stratification of private key generation unit, and can suitably be mixed by respective purposes by the private key generation unit of implementation level and be applied to various field.

Description

Private key generating means and method
Technical field
The present invention relates to a kind of private key (Private key) generating means and method and record has at computer The record medium of the program of upper execution the method, particularly relates to one and generates private by private key generation unit is carried out stratification The private key generating means of key and method and record have the record medium of the program for performing the method on computers.
Background technology
Recently, due to development and the rapid expansion of communication network of computer technology, for computer related resource and transmission The safety problem of information become big problem.As can solve the problem that a countermeasure of these problems, system based on encryption To utilizing.Up to now the encryption system contributing maximum is public key encryption system, yet with this traditional public In cipher key system, need the public keys of pre-authentication user, even and if before expiration of limitation period existing problems to be abandoned Certificates of recognition, therefore public keys certificates of recognition manage in there is difficulty.Thus propose personally (ID:identity) Based on ID underlying cryptographic system.
Encryption system based on public keys uses the mode calculating public keys after first determining private key.On the contrary, based on ID Encryption system first select ID and thus calculate private key, the transmission of private key is then by private key distribution department (PKG, private Key generator) utilize ID calculate private key and be transmitted by cryptochannel.
The encryption system based on ID of prior art is deposited the process performed on the client shortcoming slowly, thus proposes New encryption system based on ID of based on trapdoor discrete logarithm (TDL:Trapdoor Discrete Logarithm), so And this remains on and there is private key and send shortcoming slowly.Therefore it is an object of the invention to provide one and can be provided simultaneously with user side The high efficiency of (client) and private key send the new technique of high efficiency.
The prior art that concrete investigation is related to this, in No. 2005-0037723 (invention name of Korean Patent Laid Claim: (the conference session private key distribution method in the encryption system based on identity information)) in disclose following method, i.e. logical Cross and select different two temporary private to generate message, and provide when generating for generating for the variable of session private key and make Agreement by the temporary private of conversation initial object.Consist of step and the private key of the encryption system realizing identity-based information Share protocol steps, and the encryption system of identity-based information is configured for providing the system of signature.Owing to the present invention tries Figure by realize for generate private key main body stratification and shorten sub-private key generation unit private key generate the time, therefore with There are differences on constituting between above-mentioned prior art.
And, No. 2011-0117169 (denomination of invention: ID of Korean Patent Laid (for performing ID basic authentication private key protocol Method and device)) in disclose a kind of certification private key agreement protocol based on ID eliminating private key third party's problem.It relates to A kind of certification private key agreement protocol based on ID, there are differences with the present invention realizing private key generation main body stratification.
Summary of the invention
The technical problem to be solved is for providing a kind of private key by realizing encryption technology based on ID raw The stratification of unit is become to ensure that the lightweight of client and the private key of private key formation efficiency generate method and device.Further, uncommon Hope and be applied to various field by suitably being mixed by respective purposes by the private key generation unit of implementation level.
In order to reach to solve the purpose of above-mentioned technical problem, include according to the private key generating means of the present invention: root private key is raw Become unit, the root major key of private key and predetermined parameter can be generated by setting, thus generate and can generate set in advance First sub-major key collection of the private key in limited quantity;Sub-private key generation unit, by receiving institute from described root private key signal generating unit State the first sub-major key collection and share the authority that generates private key with described root private key signal generating unit, and by utilizing described first son main Keyset generates the private key corresponding with the ID of user and is distributed to user;Wherein, described root private key signal generating unit is private from described son Key signal generating unit receives the ID of described sub-private key generation unit and is authenticated the ID of described sub-private key generation unit, and at pin To the certification of described sub-private key generation unit by the case of described first sub-major key collection be sent to described sub-private key generate Unit.
In order to reach to solve other the more technical problems outside above-mentioned technical problem, generate according to the private key of the present invention Method is raw by the private key that the ID of user is used as the private key generating means execution that public keys generates the private key corresponding to ID One-tenth method, and comprise the steps: that (a) root private key signal generating unit sets the root major key for generating private key and predetermined root ginseng Number;B () sub-private key generation unit sets Private key distribution object user's quantity and predetermined parameter, and by described Private key distribution object The ID of number of users and described sub-private key generation unit is sent to described root private key signal generating unit;C () described root private key generates single Unit performs certification to the ID of described sub-private key generation unit;(d) when in above-mentioned steps (c) by certification, described root private key Signal generating unit utilizes described major key and predetermined root parameter and subparameter to generate the number of users one that can produce and set First sub-major key collection of the private key that sample is many, and the first sub-major key collection generated is sent to described sub-private key generation unit;(e) institute Stating sub-private key generation unit utilizes described first sub-major key collection to generate the private key corresponding with the ID of described user the private that will generate Key is supplied to user;Wherein, described sub-private key generation unit receives described first sub-major key collection from described root private key signal generating unit, Thus the authority generating private key is shared with described root private key signal generating unit.
Private key according to the present invention generates method and device, can realize visitor by realizing the stratification of private key generation unit The high efficiency that the lightweight of family end and private key generate.Further, can be by the private key generation unit of implementation level by respective purposes Suitably mix and be applied to various field.
Accompanying drawing explanation
Fig. 1 is the structured flowchart illustrating the private key generating means according to the present invention.
Fig. 2 is the figure schematically illustrating the principle generating method for the private key realized according to the present invention.
Fig. 3 to Fig. 4 is to be shown through generating by the private key according to the present invention adding based on the private key that method generates The process of close/deciphering and the generation of signature, the figure of transmission process.
Fig. 5 is to illustrate the figure that the private key according to the present invention generates method.
Symbol description:
100: private key generating means 110: root private key signal generating unit
120: sub-private key generation unit
Detailed description of the invention
Hereinafter, private key generating means according to the present invention and the preferred embodiment of method are explained in detail with reference to the accompanying drawings.
Fig. 1 is the block diagram of the composition illustrating the private key generating means 100 according to the present invention, and Fig. 2 realizes root for schematically illustrating The figure of the principle of method is generated according to the private key of the present invention.With reference to Fig. 1, private key generating means 100 can include root private key signal generating unit 110 and sub-private key generation unit 120.
Private key generating means 100 generates the private key corresponding to ID.Private key generating means 100 according to the present invention is passed through Private key generation unit implementation level had root private key signal generating unit 110, sub-private key generation unit 120.
Root private key signal generating unit 110 holds the root major key (mk that can generate private keyRoot).Now, root major key (mkRoot) can be by (wherein, p and q can be defined as meeting p ≡ 1 (mod4), the B-spline smooth of q ≡ 3 (mod4) for p, morphosis q) (smooth) prime number.Wherein, p ≡ 1 (mod4) represents that p is to be the number of 1 divided by remainder when 4, i.e. (k is to be equivalent to p=4k+1 Arbitrary integer), in like manner, q ≡ 3 (mod4) represents that q is to be the number of 3 divided by remainder when 4, i.e. q=4k+3 (k is arbitrary integer).Root Major key (mkRoot, (p, q)) has and can be used for directly receiving private from sub-private key generation unit 120 or root private key signal generating unit 110 The user of key directly generates the main secret information of private key.Therefore as in figure 2 it is shown, root private key signal generating unit 110 can directly generate right Should be in the private key of the ID of user (X) and the private key of generation to be supplied to user (X).In this case, root private key signal generating unit 110 Receive ID and by referring to precomputation table data to derive discrete log from user, and send private key to user.
Further, root private key signal generating unit 110 sets root private key signal generating unit parameter N, G, g, H1、H2, and each parameter can be by such as Give a definition: N is the conjunction number of p × q, G be Zn (Zn={0,1 ... n-1}, finite ring) largest loop subgroup, g refers to the generation of G Source.H1As the first hash function, { 0,1} can be defined as*The universe hash function of → G, is that be mapped to can be by directly from son Discrete logarithm is entered by the ID of the user that private key generation unit 120 or root private key signal generating unit 110 receive private key as input value The function of the group G that row solves.And H2As the second hash function, can be defined as the random Harsh function of 0,1}* → Zn, And in endorsement method described later, can be used as random Harsh function.These root private key signal generating unit parameter N, G, g, H1、H2Be in order to Use this encryption system 100 based on ID and disclosed systematic parameter, and for using sub-private key generation unit 120 or this base User in the encryption system of ID provides the calculating process needed for private key.
Root private key signal generating unit 110 uses root major key corresponding with ID to having for distribution with predetermined parameter The first son that sub-private key generation unit 120 distribution of the authority of private key can generate the private key in limited quantity set in advance is main Keyset.To this end, root private key signal generating unit 110 receives sub-private key generation unit ID (G from sub-private key generation unit 120ID) and service Number of users (n) information, and antithetical phrase private key generation unit ID (GID) perform authentication operation.This authentication operation can be undocumented logical Road (cryptochannel) is carried out.
With reference to Fig. 5, if to described sub-private key generation unit ID (GID) performing certification and by certification, then root private key generates Unit 110 calculates sub-private key generation unit ID (GID) and (G of service number of users (n)ID, n) perform as input value to make a reservation for Hash function and the discrete log of end value that draws.Now, by (GID, 1) and to (GID, common n n) as input value And the result performing hash function will obtain n discrete log.The discrete log so drawn is the first sub-major key collection (mkGID), root private key signal generating unit 110 is by the first sub-major key collection (mkGID) it is sent to sub-private key generation unit by cryptochannel 120.Wherein, mkGIDFor (x1,x2,...,xn) (and gi=gxi, xi=logg gi(1≤i≤n))。
Now, predetermined hash function can select universe hash function, it is possible to by calculating gi=H1(GID, i) and Generate sub-private key generation unit parameter (gi,1≤i≤n).Wherein, H1As the first hash function, { 0,1} can be defined as* The universe hash function of → G, and GIDRepresent the ID of sub-private key generation unit 120.
Sub-private key generation unit 120 receives the first sub-major key collection, generates corresponding within number of users set in advance The private key of ID is also distributed to user.Sub-private key generation unit 120 can be by ISP (service provider) Set respectively.Here, ISP (service provider) can be the various application being implemented on mobile terminal, so And be not limited thereto.
Sub-private key generation unit 120 uses predetermined hash function to draw the user for distributing to sub-private key generation unit The position of ID represents (bit representation) value, and is linearly combined with the first sub-major key collection and draws the private corresponding to ID Key is also distributed to user.That is, sub-private key generation unit 120 is to ID (UID) use random Harsh function H3And calculate H3(UID) =b1b2…bn(binary representation, that is, bi∈ 0,1}), and the value (b that will calculate1,b2,…,bn) and the first sub-major key line concentration Property combine and calculate corresponding to ID (UID) private key (skUID,), and (secret by undocumented passage Passage) private key of calculating is sent to user.Wherein, H3As the 3rd hash function, { 0,1} can be defined as*→{0,1}n's Random Harsh function.Now, for the convenience on calculating, random Harsh function H can be made3End value take w-sparse (sparse) Form, i.e. at bi(1≤i≤n) only has w (1≤i≤n) individual negated null value " 1 ".
Therefore, although trapdoor discrete logarithm (TDL:Trapdoor Discrete Logarithm) in the prior art In the undefined encryption technology based on ID of group, it is discrete right to draw with reference to precomputation table (pre-computation table) Number end value, but the present invention but can be added (bit summation) calculating generation by the position of sub-private key generation unit 120 Private key, therefore private key generates time shortening.
Group private key generation unit 120 is when the user beyond number of users set in advance distributes private key, in cryptography Angle, the problem that private key is compromised can be there is.Therefore, if it is desirable to provide the private key beyond quantity set in advance, then son The sub-major key collection that private key generation unit 120 can add to root private key signal generating unit 110 request distribution.When root private key signal generating unit 110 when authentic sub-private key generation unit 120 receives the distribution request of sub-major key collection, and root private key signal generating unit 110 generates The second sub-major key collection of the private key suitable with the number of users of additional request can be produced and be supplied to sub-private key generation unit 120.In the case, Charging Detail Record unit (not shown) can carry out charging to the second sub-major key collection.Charging can be according to distributing private key Number of users and set in proportion, may be set to the form of number of users × unit price.This Charging Detail Record unit (not shown) may be included in In root private key signal generating unit 110, or can be with individualism.By this charging form, due to sub-private key generation unit 120 nothing Method arbitrarily increases number of users without the permission of root private key signal generating unit 110, therefore can set up clear and definite charging system.
Encryption/decryption device (not shown) and signature apparatus (not shown) can be realized based on this private key generating means 100. Encryption/decryption device can have ciphering unit and decryption unit, and signature apparatus can have signature signal generating unit and signature verification Unit.
When being U to IDIDUser send for the message of the encryption of message (m) time, the ciphering unit of sender First by ID (UID) calculate hash function as input value, and calculate UIDPosition represent H3(UID)=b1b2…bn.Sender Utilization includes sender and recipient (UID) the disclosed systematic parameter of sub-private key generation unit 120 and position expression value count CalculateSender selects arbitrary random value (r) to generate ciphertext (gr, m for message (m) (SUID) r), and this ciphertext is sent to recipient (UID)。
Receive the user (U of encryption messageID) decryption unit will receive by ring ZNTwo elementary composition a pair Ciphertext (U, V).User (UID) utilize from self included sub-private key generation unit 120 receive corresponding to ID (UID) Private keyCalculateNow, if owing to ciphertext is generated by normal ciphering process Ciphertext, then U=gr, V=m (SUID)r, and if user is to have corresponding to UIDThe user of proper private key, then private keyBe using g asThe end (base) discrete log (i.e.,), therefore calculate describedKnot Fruit is identical with message m.
Signature signal generating unit is based on the private key (sk corresponding to IDUID,), select arbitrary random value R () calculates e=H2(gr, m) generate signature (σ UID,m,σUID, m=(gr,r-e·skUID)).For the signature (σ generated UID, m=(U, V)), the signature verification unit of the recipient receiving signature utilize the ID (U of senderID) calculate gV· (SUID)H3(U m), and (i.e. confirms U=g by confirming that this value is the most identical with UV·(SUID)H3(whether U m) sets up) tests The effectiveness of signed certificate name.Wherein, m is message, and r is any random value (i.e. r ∈ ZN),
Fig. 3 to Fig. 4 is the mistake that the private key being illustrated based on according to the present invention generates that the private key of method generation is encrypted/deciphers Journey and the generation of signature, the figure of transmission process, Fig. 5 is to illustrate the figure that the private key according to the present invention generates method.
With reference to Fig. 3 to Fig. 5, (Set is set by setting the root major key that can generate private key and set predetermined root parameter Up) root private key signal generating unit 110 (S310, S410).This root private key signal generating unit 110 can generate private key in finite number The first sub-major key collection be distributed to have the sub-private key of the authority that can distribute private key in finite number set in advance and generate single Unit 120.
Further, (Set up) sub-private key generation unit 120 (S320, S420), wherein, this sub-private key generation unit are set 120 preset expectation has the number of users of Private key distribution authority, receives the first sub-major key collection, generates quantity set in advance The interior private key corresponding to ID is also distributed to user.
Root private key signal generating unit 110 is by from the ID of the sub-sub-private key generation unit of private key generation unit gain of parameter and in advance The number of users set carrys out the ID (S330, S430) of the sub-private key generation unit of certification, by the Hash letter predetermined by calculating execution Number and the discrete log of each output valve that obtains and the first sub-major key collection of drawing is sent to sub-private key generation unit 120 (S340,S440).When for the authentification failure of sub-private key generation unit ID, stop distributing son to sub-private key generation unit 120 Major key collection.
Sub-private key generation unit 120 utilizes predetermined hash function to derive for distributing to sub-private key generation unit 120 The position expression value of ID, and institute's rheme expression value is linearly combined with the first sub-major key collection and derives the private corresponding to ID Key is also sent to user (S350, S450).
When realizing encryption/decryption technique based on this Private key distribution method, utilize recipient ID that message is encrypted And it is transmitted (S360).And, if receiving the message of encryption, then utilize the private key corresponding to recipient ID that ciphertext is entered Row deciphering (S370).Further, when realizing signature technology based on this Private key distribution method, utilize corresponding to wanting to send message ID private key for want send message carry out signing and send (S460).Further, the signature that checking receives is right The most effective (S470) in the ID and message sending message.
The present invention can also be realized by imprinting computer-readable code in computer readable recording medium storing program for performing.Computer Readable medium recording program performing includes all types of recording equipments storing the data that can be read by computer system.As calculating Machine readable medium recording program performing includes read only memory (ROM), random access memory (RAM), read-only optical disc (CD-ROM), tape, floppy disk (Floppy disk), optical data storage devices etc., also include the device realized with carrier wave (by the transmission of network) form.And And, computer readable recording medium storing program for performing can also be scattered in the computer system connected by wire/wireless communication net and store And perform the computer-readable code of dispersing mode.
Below the preferred embodiments of the present invention are had been shown and described, but the invention is not limited in above-mentioned spy Fixed preferred embodiment, as long as the personnel in the technical field of the invention with general knowledge all can want without departing from right Drawing various variant embodiment in seeking the scope of the inventive concept being claimed in book, those deformation are all wanted in right Ask in the range of record.

Claims (14)

1. a private key generating means, it is characterised in that including:
Root private key signal generating unit, can generate the root major key of private key and predetermined parameter by setting, and generation can generate in advance First sub-major key collection of the private key in the limited quantity set;
Sub-private key generation unit, by from described root private key signal generating unit receive described first sub-major key collection and with described root private key Signal generating unit shares the authority generating private key, and by utilizing described first sub-major key collection to generate the private of the ID corresponding to user Key and by generate Private key distribution to user,
Wherein, described root private key signal generating unit receives the ID of described sub-private key generation unit right from described sub-private key generation unit The ID of described sub-private key generation unit is authenticated, and in the case of the certification for described sub-private key generation unit is passed through Described first sub-major key collection is sent to described sub-private key generation unit, and described sub-private key generation unit is by will be to described user ID use hash function and the position expression value that derives linearly is combined with described first sub-major key collection and generates corresponding to described use The private key of the ID at family.
2. private key generating means as claimed in claim 1, it is characterised in that when described root private key signal generating unit is private from described son Key signal generating unit receives additional sub-major key collection distribution request, during to provide the private key beyond limited quantity set in advance, Described root private key signal generating unit generates can generate the second of as many private key the sub-major key collection with the number of users of additional request And the second sub-major key collection is supplied to described sub-private key generation unit.
3. private key generating means as claimed in claim 2, it is characterised in that also include: for described second sub-major key collection Carry out the Charging Detail Record unit of charging.
4. private key generating means as claimed in claim 1, it is characterised in that described root private key signal generating unit utilizes described master Key directly generates corresponding for the ID private with the user of the user being not included in the range of Private key distribution object user set in advance Key and by generate Private key distribution to user.
5. private key generating means as claimed in claim 1, it is characterised in that described first sub-major key collection is secret by first Passage and be provided to sub-private key generation unit, and the private key corresponding with the ID of described user be by second cryptochannel distribute To user.
6. private key generating means as claimed in claim 1, it is characterised in that described root private key signal generating unit utilizes described predetermined Parameter in subparameter the discrete log of truth of a matter g is distributed the first sub-major key collection mkGID, wherein, mkGID=(x1,x2,..., xn), and xi=logg gi, gi=H1(GID, i), 1≤i≤n, n are the quantity of user set in advance, H1It is the first hash function, GIDID for sub-private key generation unit.
7. private key generating means as claimed in claim 1, it is characterised in that described sub-private key generation unit uses predetermined Kazakhstan Uncommon function H3Calculate ID (the symbol U for described userID) H3(UID)=b1b2…bn, and the value (b that will calculate1, b2,…,bn) and described first sub-major key collection (x1,x2,...,xn) linearly combine and calculate the private key corresponding with the ID of userWherein, UIDRepresent the ID, b of useri∈ { 0,1}, H3It is defined as { 0,1} as random Harsh function*→ {0,1}n, n is the quantity of user set in advance, 1≤i≤n.
8. one kind is generated, as public keys, the private that the private key generating means of the private key corresponding to ID performs by by the ID of user Key generates method, it is characterised in that comprise the steps:
A () root private key signal generating unit sets can generate the root major key of private key and predetermined root parameter;
B () sub-private key generation unit sets the quantity of Private key distribution object user and predetermined subparameter, and divided by described private key The ID of the quantity and described sub-private key generation unit of sending out object user is sent to described root private key signal generating unit;
C () described root private key signal generating unit performs certification to the ID of described sub-private key generation unit;
D (), when in above-mentioned steps (c) by certification, described root private key signal generating unit utilizes described major key and predetermined root Parameter and subparameter generate the first sub-major key collection of the as many private key of quantity of the user that can generate and set, and will be raw The the first sub-major key collection become is sent to described sub-private key generation unit;
E () described sub-private key generation unit utilizes described first sub-major key collection generate the private key corresponding with the ID of described user and incite somebody to action The private key generated is supplied to user;
Wherein, described sub-private key generation unit from described root private key signal generating unit receive described first sub-major key collection, thus with institute Stating root private key signal generating unit and share the authority generating private key, described sub-private key generation unit is by using the ID of described user Hash function and the position expression value that derives linearly are combined with described first sub-major key collection and generate the ID's corresponding to described user Private key.
9. private key as claimed in claim 8 generates method, it is characterised in that in above-mentioned steps (a), described major key mkRoot For a pair prime number of B-spline smooth, (p, q), and described parameter is the conjunction number N that described p with q is multiplied, and N=p × q, Zn are Systemic circulation subgroup G, the generation source g of described G, the first hash function H1, the second hash function H2, wherein, p ≡ 1 (mod4), q ≡ 3 (mod4), Zn=0,1 ... N-1} is finite ring, H1It is defined as { 0,1} as universe hash function*→ G, and H2As with Machine hash function is defined as { 0,1}* → Zn
10. private key as claimed in claim 8 generates method, it is characterised in that in above-mentioned steps (b), described subparameter is Quantity based on Private key distribution object user set in advance and utilize pre-for generating the ID of the sub-private key generation unit of private key Fixed hash function H1And the g definedi, wherein, gi=H1(GID, i), n is the number of Private key distribution object user set in advance Amount, wherein, 1≤i≤n, H1For being defined as the universe hash function of 0,1}* → G, G is the largest loop subgroup of Zn, Zn={0, 1 ... N-1} is finite ring, GIDRepresent the ID of sub-private key generation unit.
11. private keys as claimed in claim 8 generate method, it is characterised in that in above-mentioned steps (d), utilize described sub-ginseng Several the discrete log of truth of a matter g is distributed the first sub-major key collection mkGID, wherein, mkGID=(x1,x2,...,xn), and xi= logg gi, gi=H1(GID, i), 1≤i≤n, H1It is the first hash function, GIDID for sub-private key generation unit.
12. private keys as claimed in claim 8 generate method, it is characterised in that in described step (e), by described use Family ID uses predetermined hash function H3And calculate H3(UID)=b1b2…bn, and the value (b that will calculate1,b2,…,bn) and institute State the first sub-major key collection (x1,x2,...,xn) linearly combine and calculate the private key corresponding with the ID of userIts In, UIDRepresent the ID, b of useri∈ { 0,1}, H3It is defined as { 0,1} as random Harsh function*→{0,1}n, n is for set in advance The quantity of fixed user, 1≤i≤n.
13. private keys as claimed in claim 12 generate method, it is characterised in that described random Harsh function H3End value tool Have at biIn only w the form sparse for w-being set to " 1 ", wherein, 1≤i≤n, 1≤w≤n.
14. private keys as claimed in claim 8 generate method, it is characterised in that generate the user that can produce with additionally increase Second sub-major key collection of the as many private key of quantity, to provide the private of the quantity beyond Private key distribution object user set in advance Key.
CN201310211020.9A 2012-05-31 2013-05-31 Private key generating means and method Active CN103457732B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020120058676A KR101301609B1 (en) 2012-05-31 2012-05-31 Apparatus and method for generating secret key, and recording medium storing program for executing method of the same in computer
KR10-2012-0058676 2012-05-31

Publications (2)

Publication Number Publication Date
CN103457732A CN103457732A (en) 2013-12-18
CN103457732B true CN103457732B (en) 2016-08-24

Family

ID=49221462

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310211020.9A Active CN103457732B (en) 2012-05-31 2013-05-31 Private key generating means and method

Country Status (4)

Country Link
US (1) US9036818B2 (en)
KR (1) KR101301609B1 (en)
CN (1) CN103457732B (en)
WO (1) WO2013180412A1 (en)

Families Citing this family (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101493212B1 (en) * 2012-10-31 2015-02-23 삼성에스디에스 주식회사 Method and system for id-based encryption and decryption
US9350550B2 (en) 2013-09-10 2016-05-24 M2M And Iot Technologies, Llc Power management and security for wireless modules in “machine-to-machine” communications
US9100175B2 (en) 2013-11-19 2015-08-04 M2M And Iot Technologies, Llc Embedded universal integrated circuit card supporting two-factor authentication
US10498530B2 (en) 2013-09-27 2019-12-03 Network-1 Technologies, Inc. Secure PKI communications for “machine-to-machine” modules, including key derivation by modules and authenticating public keys
US10700856B2 (en) 2013-11-19 2020-06-30 Network-1 Technologies, Inc. Key derivation for a module using an embedded universal integrated circuit card
KR101599144B1 (en) * 2014-07-23 2016-03-02 삼성에스디에스 주식회사 Apparatus and method for generating key
US9853977B1 (en) 2015-01-26 2017-12-26 Winklevoss Ip, Llc System, method, and program product for processing secure transactions within a cloud computing system
US10205598B2 (en) * 2015-05-03 2019-02-12 Ronald Francis Sulpizio, JR. Temporal key generation and PKI gateway
US10284534B1 (en) 2015-06-26 2019-05-07 EMC IP Holding Company LLC Storage system with controller key wrapping of data encryption key in metadata of stored data item
US9906361B1 (en) 2015-06-26 2018-02-27 EMC IP Holding Company LLC Storage system with master key hierarchy configured for efficient shredding of stored encrypted data items
US9659190B1 (en) 2015-06-26 2017-05-23 EMC IP Holding Company LLC Storage system configured for encryption of data items using multidimensional keys having corresponding class keys
US9779269B1 (en) 2015-08-06 2017-10-03 EMC IP Holding Company LLC Storage system comprising per-tenant encryption keys supporting deduplication across multiple tenants
US10326744B1 (en) 2016-03-21 2019-06-18 EMC IP Holding Company LLC Security layer for containers in multi-tenant environments
JP6965921B2 (en) * 2016-09-08 2021-11-10 日本電気株式会社 Network function virtualization system and verification method
CN106656495B (en) * 2016-10-18 2018-06-12 北京海泰方圆科技股份有限公司 A kind of method and device of user password storage
KR101865703B1 (en) 2016-10-28 2018-06-08 삼성에스디에스 주식회사 Apparatus and method for generating key, apparatus and method for encryption
US10284557B1 (en) 2016-11-17 2019-05-07 EMC IP Holding Company LLC Secure data proxy for cloud computing environments
US10298551B1 (en) 2016-12-14 2019-05-21 EMC IP Holding Company LLC Privacy-preserving policy enforcement for messaging
CN108574570B (en) * 2017-03-08 2022-05-17 华为技术有限公司 Private key generation method, device and system
KR102432356B1 (en) 2017-03-23 2022-08-16 삼성에스디에스 주식회사 Apparatus and method for generating key, apparatus and method for encryption
US11128437B1 (en) 2017-03-30 2021-09-21 EMC IP Holding Company LLC Distributed ledger for peer-to-peer cloud resource sharing
KR101976583B1 (en) * 2017-08-22 2019-05-09 덕성여자대학교 산학협력단 Method for setting secure key between lightweight devices in internet of things using different secure strength and different out-of-band channel
US11063745B1 (en) 2018-02-13 2021-07-13 EMC IP Holding Company LLC Distributed ledger for multi-cloud service automation
WO2020046786A1 (en) * 2018-08-27 2020-03-05 Fireblocks Ltd. System and method for securing crypto-asset transactions
US11128460B2 (en) 2018-12-04 2021-09-21 EMC IP Holding Company LLC Client-side encryption supporting deduplication across single or multiple tenants in a storage system
US11451523B2 (en) * 2019-02-28 2022-09-20 Nxtkey Corporation Methods and systems for secure sharing of data between user devices using a proxy re-encryption key (PRE)
US11218320B2 (en) * 2019-06-28 2022-01-04 Intel Corporation Accelerators for post-quantum cryptography secure hash-based signing and verification
US11019033B1 (en) 2019-12-27 2021-05-25 EMC IP Holding Company LLC Trust domain secure enclaves in cloud infrastructure
CN112733177B (en) * 2021-01-26 2024-04-19 中国人民解放军国防科技大学 Hierarchical identification password encryption method based on global hash

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101388770A (en) * 2008-10-20 2009-03-18 华为技术有限公司 Method, server and customer apparatus for acquiring dynamic host configuration protocol cipher

Family Cites Families (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5200999A (en) * 1991-09-27 1993-04-06 International Business Machines Corporation Public key cryptosystem key management based on control vectors
US5201000A (en) * 1991-09-27 1993-04-06 International Business Machines Corporation Method for generating public and private key pairs without using a passphrase
WO1995005712A2 (en) * 1993-08-13 1995-02-23 Frank Thomson Leighton Secret key exchange
JPH10327147A (en) * 1997-05-21 1998-12-08 Hitachi Ltd Electronic authenticating and notarizing method and its system
US6389136B1 (en) * 1997-05-28 2002-05-14 Adam Lucas Young Auto-Recoverable and Auto-certifiable cryptosystems with RSA or factoring based keys
US6307936B1 (en) * 1997-09-16 2001-10-23 Safenet, Inc. Cryptographic key management scheme
US6185685B1 (en) * 1997-12-11 2001-02-06 International Business Machines Corporation Security method and system for persistent storage and communications on computer network systems and computer network systems employing the same
US6151676A (en) * 1997-12-24 2000-11-21 Philips Electronics North America Corporation Administration and utilization of secret fresh random numbers in a networked environment
US6154543A (en) * 1998-11-25 2000-11-28 Hush Communications Anguilla, Inc. Public key cryptosystem with roaming user capability
JP4622087B2 (en) * 2000-11-09 2011-02-02 ソニー株式会社 Information processing apparatus, information processing method, and program storage medium
JP3899808B2 (en) * 2000-12-07 2007-03-28 株式会社日立製作所 Digital signature generation method and digital signature verification method
US7016494B2 (en) * 2001-03-26 2006-03-21 Hewlett-Packard Development Company, L.P. Multiple cryptographic key precompute and store
KR100406754B1 (en) * 2001-04-11 2003-11-21 한국정보보호진흥원 Forward-secure commercial key escrow system and escrowing method thereof
US7093133B2 (en) * 2001-12-20 2006-08-15 Hewlett-Packard Development Company, L.P. Group signature generation system using multiple primes
US7242768B2 (en) * 2002-01-14 2007-07-10 Lenovo (Singapore) Pte. Ltd. Super secure migratable keys in TCPA
US20030221131A1 (en) * 2002-03-08 2003-11-27 Toshifumi Mori Data processing device
US7349538B2 (en) * 2002-03-21 2008-03-25 Ntt Docomo Inc. Hierarchical identity-based encryption and signature schemes
US6715085B2 (en) * 2002-04-18 2004-03-30 International Business Machines Corporation Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
US20040151309A1 (en) * 2002-05-03 2004-08-05 Gentry Craig B Ring-based signature scheme
US20050089173A1 (en) * 2002-07-05 2005-04-28 Harrison Keith A. Trusted authority for identifier-based cryptography
AU2003262908A1 (en) * 2002-08-28 2004-03-19 Docomo Communications Laboratories Usa, Inc. Certificate-based encryption and public key infrastructure
US7181016B2 (en) * 2003-01-27 2007-02-20 Microsoft Corporation Deriving a symmetric key from an asymmetric key for file encryption or decryption
US7320073B2 (en) * 2003-04-07 2008-01-15 Aol Llc Secure method for roaming keys and certificates
AU2004201807A1 (en) * 2003-05-09 2004-11-25 Nor Azman Bin Abu Method and apparatus for the generation of public key based on a user-defined ID in a cryptosystem
KR100608575B1 (en) * 2003-09-29 2006-08-03 삼성전자주식회사 Home network device to enable automatic take owership, home network system and method using this
US7103911B2 (en) * 2003-10-17 2006-09-05 Voltage Security, Inc. Identity-based-encryption system with district policy information
KR100571820B1 (en) 2003-10-20 2006-04-17 삼성전자주식회사 Conference session key distribution method on ID-based cryptographic system
US20050157872A1 (en) * 2003-11-12 2005-07-21 Takatoshi Ono RSA public key generation apparatus, RSA decryption apparatus, and RSA signature apparatus
EP1548976B1 (en) * 2003-12-24 2007-08-22 STMicroelectronics S.r.l. A message deciphering method
CN100497050C (en) * 2004-01-26 2009-06-10 东芝解决方案株式会社 Security system, authentication system for vehicle, method and program
US7379546B2 (en) * 2004-03-03 2008-05-27 King Fahd University Of Petroleum And Minerals Method for XZ-elliptic curve cryptography
AU2005228061A1 (en) * 2004-04-02 2005-10-13 Research In Motion Limited Deploying and provisioning wireless handheld devices
US8050409B2 (en) * 2004-04-02 2011-11-01 University Of Cincinnati Threshold and identity-based key management and authentication for wireless ad hoc networks
JP4282546B2 (en) * 2004-05-19 2009-06-24 株式会社東芝 ENCRYPTION DEVICE, DECRYPTION DEVICE, KEY GENERATION DEVICE, PROGRAM, AND METHOD
GR1005023B (en) * 2004-07-06 2005-10-11 Atmel@Corporation Method and system for rnhancing security in wireless stations of local area network (lan)
US7624269B2 (en) * 2004-07-09 2009-11-24 Voltage Security, Inc. Secure messaging system with derived keys
JP4434886B2 (en) * 2004-08-31 2010-03-17 キヤノン株式会社 Server for managing print processing, control method therefor, and computer program
JP4546231B2 (en) * 2004-12-09 2010-09-15 株式会社日立製作所 ID-based signature and encryption system and method
US20060280300A1 (en) * 2005-06-08 2006-12-14 Fernando Rossini Cryptographic system
US7826619B2 (en) * 2005-08-23 2010-11-02 Ntt Docomo, Inc. Key-updating method, encryption processing method, key-insulated cryptosystem and terminal device
RU2006114900A (en) * 2006-05-03 2007-11-20 Самсунг Электроникс Ко., Лтд. (KR) METHOD OF DISTRIBUTED KEY MANAGEMENT BASED ON THE PRELIMINARY KEY DISTRIBUTION SCHEME
US8364711B2 (en) * 2006-05-09 2013-01-29 John Wilkins Contact management system and method
US8495380B2 (en) * 2006-06-06 2013-07-23 Red Hat, Inc. Methods and systems for server-side key generation
US9769158B2 (en) * 2006-06-07 2017-09-19 Red Hat, Inc. Guided enrollment and login for token users
US8707024B2 (en) * 2006-06-07 2014-04-22 Red Hat, Inc. Methods and systems for managing identity management security domains
KR101377455B1 (en) * 2006-10-09 2014-04-02 삼성전자주식회사 Method and apparatus of generating encryption key for broadcast encryption
US20100095118A1 (en) * 2006-10-12 2010-04-15 Rsa Security Inc. Cryptographic key management system facilitating secure access of data portions to corresponding groups of users
JP4984827B2 (en) 2006-10-30 2012-07-25 ソニー株式会社 KEY GENERATION DEVICE, ENCRYPTION DEVICE, RECEPTION DEVICE, KEY GENERATION METHOD, ENCRYPTION METHOD, KEY PROCESSING METHOD, AND PROGRAM
US8494166B2 (en) * 2007-05-01 2013-07-23 International Business Machines Corporation Use of indirect data keys for encrypted tape cartridges
CN101340282B (en) * 2008-05-28 2011-05-11 北京易恒信认证科技有限公司 Generation method of composite public key
US8510558B2 (en) 2009-02-17 2013-08-13 Alcatel Lucent Identity based authenticated key agreement protocol
US8788811B2 (en) * 2010-05-28 2014-07-22 Red Hat, Inc. Server-side key generation for non-token clients
AU2011289239B2 (en) * 2010-08-12 2016-02-25 Security First Corp. Systems and methods for secure remote storage of data
EP2704354B1 (en) * 2011-04-27 2021-04-07 Kabushiki Kaisha Toshiba Re-encryption key generator, re-encryption apparatus, and program
GB2491896A (en) * 2011-06-17 2012-12-19 Univ Bruxelles Secret key generation
US10211984B2 (en) * 2011-09-28 2019-02-19 Koninklijke Philips N.V. Hierarchical attribute-based encryption and decryption
US8953790B2 (en) * 2011-11-21 2015-02-10 Broadcom Corporation Secure generation of a device root key in the field

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101388770A (en) * 2008-10-20 2009-03-18 华为技术有限公司 Method, server and customer apparatus for acquiring dynamic host configuration protocol cipher

Also Published As

Publication number Publication date
CN103457732A (en) 2013-12-18
US20130322621A1 (en) 2013-12-05
US9036818B2 (en) 2015-05-19
KR101301609B1 (en) 2013-08-29
WO2013180412A1 (en) 2013-12-05

Similar Documents

Publication Publication Date Title
CN103457732B (en) Private key generating means and method
CN106961336B (en) A kind of key components trustship method and system based on SM2 algorithm
CN108352015B (en) Secure multi-party loss-resistant storage and encryption key transfer for blockchain based systems in conjunction with wallet management systems
US10652014B2 (en) Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
KR101977109B1 (en) Large simultaneous digital signature service system based on hash function and method thereof
CN107248909B (en) Certificateless secure signature method based on SM2 algorithm
TWI444030B (en) Method for keys generation, member authentication and security communication in a dynamic group
CA2423636A1 (en) Methods for authenticating potential members invited to join a group
CN103248478A (en) Multi-party security agreement based sealed electric auction scheme and verification method
CN106130716A (en) Cipher key exchange system based on authentication information and method
CN108696518B (en) Block chain user communication encryption method and device, terminal equipment and storage medium
Wei et al. Efficient certificateless authenticated asymmetric group key agreement protocol
US20220311623A1 (en) Data communication between a group of users
KR101382626B1 (en) System and method for id-based strong designated verifier signature
Lai et al. An efficient quantum blind digital signature scheme
Harn et al. Lightweight and flexible key distribution schemes for secure group communications
Mehta et al. Group authentication using paillier threshold cryptography
Chen et al. Public-key quantum signature for classical messages without third-party verification
KR102304831B1 (en) Encryption systems and method using permutaion group based cryptographic techniques
Shi et al. A restricted quantum deniable authentication protocol applied in electronic voting system
Wei et al. A general compiler for password-authenticated group key exchange protocol in the standard model
He et al. Efficient group key management for secure big data in predictable large‐scale networks
CN114301585B (en) Identification private key using method, generation method and management system
Chakraborty et al. An efficient attribute-based authenticated key exchange protocol
KR101827813B1 (en) Encryption and decryption method and signature method based on method for generating secret key, and recording medium storing program for executing method of the same in computer

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant